Skip to content
/ kapow Public
forked from BBVA/kapow

Kapow! If you can script it, you can HTTP it.

License

Notifications You must be signed in to change notification settings

lwillek/kapow

 
 

Repository files navigation

Kapow! Logo

If you can script it, you can HTTP it.

Test status Go Report Open Issues Documentation Current Version


What's Kapow!

Say we have a nice cozy shell command that solves our problem. Kapow! lets us easily turn that into an HTTP API.

Let's see this with an example

We want to expose log entries for files not found on our Apache Web Server, as an HTTP API. With Kapow! we just need to write this file:

[apache-host]$ cat search-apache-errors.pow
kapow route add /apache-errors - <<-'EOF'
    cat /var/log/apache2/access.log | grep 'File does not exist' | kapow set /response/body
EOF

and then, run it using Kapow!

[apache-host]$ kapow server --bind 0.0.0.0:8080 search-apache-errors.pow

finally, we can read from the just-defined endpoint:

[another-host]$ curl https://apache-host:8080/apache-errors
[Fri Feb 01 22:07:57.154391 2019] [core:info] [pid 7:tid 140284200093440] [client 172.17.0.1:50756] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.808291 2019] [core:info] [pid 8:tid 140284216878848] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.878149 2019] [core:info] [pid 8:tid 140284208486144] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
...

Why Kapow! shines in these cases

  • We can share information without having to grant SSH access to anybody.
  • We can share information easily over HTTP.
  • We can effectively limit what gets executed.

Documentation

You can find the complete documentation and examples here.

Authors

Kapow! is being developed by BBVA-Labs Security team members.

Kapow! is Open Source Software and available under the Apache 2 license.

Contributions

Contributions are of course welcome. See CONTRIBUTING or skim existing tickets to see where you could help out.

About

Kapow! If you can script it, you can HTTP it.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 66.8%
  • Gherkin 16.7%
  • Python 15.6%
  • Other 0.9%